DoS vulnerability in Internet Explorer

2009-11-19 / 2009-11-20
Credit: MustLive
Risk: Medium
Local: No
Remote: Yes
CWE: CWE-Other


CVSS Base Score: 5/10
Impact Subscore: 2.9/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: No required
Confidentiality impact: None
Integrity impact: None
Availability impact: Partial

Not sure if this matters or not but it also worked on blackberry browser on blackberry 8800. Regards. ------Original Message------ From: MustLive To: bugtraq (at) securityfocus (dot) com [email concealed] Sent: Nov 8, 2009 8:54 AM Subject: DoS vulnerability in Internet Explorer Hello Bugtraq! I want to warn you about Denial of Service vulnerability in Internet Explorer. Yesterday I already informed Microsoft. This attack I called DoS via homepage. DoS: http://websecurity.com.ua/uploads/2009/IE%20DoS%20Exploit10.html With this exploit in IE6 the browser blocks, so it's become impossible to use it and it's only possible to close it (via Task Manager). With this exploit in IE7 the browser freezes after click on the link . Vulnerable versions are Internet Explorer 6 (6.0.2900.2180), Internet Explorer 7 (7.0.6000.16711) and previous versions (and possible next versions too). I mentioned about this vulnerability at my site (http://websecurity.com.ua/3658/). Best wishes & regards, MustLive Administrator of Websecurity web site http://websecurity.com.ua Sent via BlackBerry from T-Mobile

References:

http://www.securityfocus.com/archive/1/archive/1/507759/100/0/threaded


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2019, cxsecurity.com

 

Back to Top